What you can do
We need your help to protect you. Always be vigilant when it comes to your online banking.
Steps you can take
Keep your PIN and TANs secret
Anyone who knows your user ID and PIN can log on under your name. And if such individuals also know your transaction numbers (TANs), they will be able to debit payments from your accounts and portfolios. So please observe a few simple rules:
- Do not tell anyone the PIN for your online applications. No Commerzbank employee will ever ask you for your PIN or request you to e-mail this number or other personal data such as your name, address or account number.
- Recently there has been a spate of fraudsters sending e-mails from the address of bona fide companies to request the recipients to log on to a particular web site by clicking a link in the mail. These e-mails usually seem highly plausible and the sites are often virtually identical with the genuine articles. Fraudsters use this scam (called “phishing“, or “password fishing”) to obtain access to your logon data. To play safe, never click on links in e-mails that purportedly lead straight to logon pages of the Commerzbank. To log on, always go via the start pages of companyworld, or key in the address directly.
- Be sure to change your PIN periodically.
- Never ever save your PIN and/or TANs on your computer (not even in your finance software).
- If you have reason to think that the confidentiality of your PIN and/or TANs has been compromised, please disable your access at once and notify your Commerzbank branch or the help desk.
- If you know you will not be using the Commerzbank applications for some time, you might prefer to disable your online access as an additional safeguard against unauthorised use.
Check the Internet address
When you launch your online application, always check that you are connected to the right Internet address.
It’s important that the address begins with the protocol https – not http – and that an icon showing a lock is visible in the browser footer line. Do not ever enter your personal data (especially your PIN and password) without first verifying that the address and protocol are correct!
Always end with logout
Always exit your online applications by clicking the "Logout" button, and then close the browser window.
Check the certificate
To be sure you are really connected to a Commerzbank server, you can check the details in the server certificate by double-clicking the lock icon in the browser.
Pay special attention to the following security criteria:
- The application’s Internet address shown in the browser must match the one in the certificate.
- The server certificate must not have expired.
- The certificate must be issued for the Commerzbank AG. It is signed by an independent certification authority.
If one or more of these criteria are not fulfilled, please close the application immediately and report the error to the help desk.
Phone +49 (0) 40 - 3 76 95 100 (Monday to Friday from 8.00 am to 7.00 pm) or fill in the contact form.
You are also welcome to send us a message via fax to the following fax number: +49 (0) 40 - 3 76 95 400.
Browser settings
Always use the latest version of your browser. Up-to-date software will usually have improved security mechanisms. Always close your browser completely after logging off. When working in an alien environment you should play safe and delete the cache completely after use. Follow the instructions in your browser.
Also take note of the recommended browser settings in the installation guide you received with your Commerzbank software.
Protecting against viruses and Trojans
All the data on your computer is subject to the threat of being destroyed by computer viruses or compromised by Trojans. Trojans are programs whose visible, official purpose (a screen saver utility, for instance) is a smokescreen for a harmful function that spies on your confidential data with illicit intent. These programs usually infect your hard disk via e-mail or file download.
- Only install programs from trusted sources. Do not install any programs that are sent to you unsolicited.
- Keep yourself informed about the availability of security updates for your operating system and browser.
- Only use the Internet with a user account that has no administration rights. The documentation for your operating system will explain how to set up an account like this.
- Install an antivirus scanner that also offers protection against Trojans. Run regular antivirus and Trojan checks on all the files on your computer.
- A personal firewall – a program installed on your PC that monitors all connections – can offer additional protection. However, installing and configuring firewalls is not always easy, and the job usually requires a certain level of special knowledge.
- Well-known manufacturers of antivirus scanners include McAfee, Norton or Symantec, and F-Secure; well-known personal firewalls include McAfee, Norton, ZoneAlarm and Tiny Software.
- Be particularly careful with data which are exchanged via the internet.
- Make regular backup of critical data.
Access from third-party environments
If you use the Commerzbank online applications on computers that are not completely in your control, there are a few additional ground rules you should observe:
- Never leave the computer unattended while an online session is in progress. If you do have to leave the PC, first close the application or activate a password-protected screensaver.
- When entering your PIN, password or TANs, be sure that your keyboard inputs are not being memorised or otherwise recorded by anyone else.
- Protect your TAN list from prying eyes!
- Do not use a computer which can not be trusted. If you use the Corporate Banking portal in a foreign environment, special care must be taken: if you have the slightest doubt about the seriousness of the owner or the system operators of the PC, on no account enter your access data and, in particular, your PIN via such a third-party PC. If necessary, do without access. No one can protect you if, for instance, a program is installed there which intercepts all your entries, including your user number and PIN, and thus makes abuse possible.
- Particularly important: Please ensure that, in a foreign environment, you end every connection with the closed area of the Corporate Banking portal (e.g. Online Banking) with the red “Log off” button provided for this purpose (see also: “Ending an online session”). If possible, do not leave your place at the computer during an active online session. If this cannot be avoided, end your online session beforehand, or at least activate a password-protected screensaver, for which only you know the password. When entering the PIN and TANs, make sure that other individuals do not spy out your keyboard entries. If you use the iTAN method, protect your iTAN lists from prying eyes, and remember too that mini cameras may have been installed.